CAP Authentication of the Professional Practice Examination Set 12

In 2003, NIST developed a new certification and accreditation (C & A) command called FIPS 199. What is the level of the potential impact of the provisions of FIPS 199? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • high
  • medium
  • low

Answer : high medium low

Your work makes a quantitative risk analysis round as a project manager, technical Soft Inc. your project team and key stakeholders. Now, we need to update the risk register your findings, risks so that you can communicate the results of the project stakeholders - including management. You need to upgrade all of the following except which one?


Options are :

  • Trends in quantitative risk analysis
  • Probability analysis of the project
  • Probability of achieving cost and time objectives
  • Risk distribution within the project schedule
  • None

Answer : Risk distribution within the project schedule


Changes in software configuration management (SCM) process definitions need to be tracked and to ensure final delivery of the software is designed for all will be included in the improved ability to publish. What is already defined for each software project to ensure that the program supply chain management process of sound? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • Configuration Identification
  • Configuration order book
  • Configuration Change Management
  • Configuration Check
  • In introducing components

Answer : Configuration Identification Configuration order book Configuration Change Management Configuration Check

Sami is the project manager of his organization. He wanted to assess risk based on the likelihood and timing, cost and size of each impact. Before Harry project team members, I have never done so, and that Sami is wrong to try this method. Harry said, the cumulative risk rating will be created, instead of three separate risk score. Who is right, this situation?


Options are :

Answer : Sami is correct, because companies can establish a risk score for each target project.

Step 0 Risk Management Framework (RMF) is a famous strategic planning and risk assessment. Which of the following process occurs at 0? Each correct answer presents a complete solution. Check all that apply.


Options are :

Answer : In order to strengthen the standard attribute information for classification and ranking of. Application information and IT resources, assets classification criteria listed. Development of standards, assessment of threats, vulnerabilities, and controls. Threats, vulnerabilities, and controls assessed.


Which by environmental factors, information systems, may have a negative certification of the security of the system and its impact on the individual monitoring of?


Options are :

  • Information system owner
  • Chief Risk Officer
  • Security Officer
  • Chief Information Officer

Answer : Information system owner

You are the project manager for the project CUL organization. You and your project team to assess the risk event, and create identity probability and impact matrix risks. Which of the following best describes the kind of data analysis required for use in qualitative risk it?


Options are :

  • Qualitative risk analysis requires accurate and unbiased information, if it is credible.
  • None
  • Qualitative Risk Analysis encourage biased data show that risk tolerance.
  • The risk of bias needs an independent ability to withstand stakeholders qualitative risk analysis.
  • Qualitative risk analysis requires quick and simple information for analysis.

Answer : Qualitative risk analysis requires accurate and unbiased information, if it is credible.

Kelly is a project manager BHH project their own organization. He completed part of the risk identification process of the project. Which of the following is the only thing the risk identification process to produce Kelly's?


Options are :

  • Risk register
  • Change request
  • None
  • The risk register updates
  • Project document updates

Answer : Risk register


Joan BTT project for his company's project manager. He has committed to building a risk response measures in their project, within the framework of the project, both positive and negative risk events. As a result of this Joan production process needs to be updated project plan update. He assumed that the number of updates as a result of the discovery and to cope with risks, but what other files need to be updated to deal with the risk of output plans?


Options are :

  • Learn a lesson
  • Risk Breakdown Structure
  • Technical Documents
  • None
  • range

Answer : Technical Documents

Your organization's project manager for your HJK project. You and your project team created a lot of risk events Risk Response project. Group agreement is an example of what kind of risk, the answer is it?


Options are :

  • use
  • distribution
  • Empathy
  • None
  • Ease

Answer : distribution

Mary is a project manager project HGH in his company. He and his team agreed that if the seller is ten days to cancel their subscription, and hired NBG Company fulfill orders. NBG company cannot guarantee the order within three days, but the cost of their products significantly more expensive than the current vendor. A response what kind of strategy is this?


Options are :

  • Strategy Team
  • expert review
  • Internal risk management strategies
  • External Risk Response
  • None

Answer : Strategy Team


Which of the following refers to the process for the implementation of information security?


Options are :

  • Certification and accreditation (C & A)
  • None
  • Information Assurance (IA)
  • Five pillar model
  • Classic security model

Answer : Certification and accreditation (C & A)

This is the rest of the there has been, at risk of residual risk after risk reduction description?


Options are :

  • None
  • DAA
  • DIACAP
  • ISSO
  • SSAA

Answer : DIACAP

Which of the following behaviors are important for the security interests of the US economy and national security?


Options are :

  • Computer Misuse Act
  • None
  • Lanham
  • Computer Fraud and Abuse Act
  • FISMA

Answer : FISMA


Which of the following requires that all general support systems and major applications fully certified and before these systems and applications into production approval? Each correct answer represents part of the solution. Check all that apply.


Options are :

  • FISMA
  • NIST
  • Office of Management and Budget (OMB)
  • FIPS

Answer : FISMA Office of Management and Budget (OMB)

What is the process to implement and strengthen the subordinate tasks assigned IA controls DIACAP step? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • IA implementation and updating of the implementation plan.
  • The pursuit of a validation activities.
  • Connection verification results DIACAP scorecard.
  • And information systems and the pursuit of cultural transfer activities.

Answer : IA implementation and updating of the implementation plan. The pursuit of a validation activities. Connection verification results DIACAP scorecard.

Which of the following is to assess the operational control of IA status of the implementation of the assigned license on a temporary basis?


Options are :

  • DATO
  • ATO
  • None
  • Ad Hoc Working Group
  • IATO

Answer : IATO


Joan is a project management consultant, she has been leased to companies to help them determine the risk events within the framework of the project. Joan first item to check documents, such as plans, assumptions lists, project documents and contracts. What is needed to help find the revised project document Joan risk?


Options are :

  • The plan, which is loose terminology and methods to reveal the risk of disconnection.
  • None
  • And the lack of consistency of programs and projects in the project requirements can be assumed that risk indicators
  • Poorly written project plan and required documents reveal inconsistencies.
  • The project file will help the project manager or Joan, which risk identification method to determine the best proceed.

Answer : And the lack of consistency of programs and projects in the project requirements can be assumed that risk indicators

Which of the following are included in the technical control? Each correct answer presents a complete solution. Check all that apply


Options are :

  • Security devices
  • Password and Resource Management
  • The configuration of infrastructure
  • Identification and authentication methods
  • safety equipment
  • Access control mechanism for the implementation and maintenance

Answer : Security devices Password and Resource Management The configuration of infrastructure Identification and authentication methods Access control mechanism for the implementation and maintenance

Which of the following are different access control? Each correct answer presents a complete solution. Choose three.


Options are :

  • automatic
  • technology
  • physical
  • Administration

Answer : technology physical Administration


You are the project manager of large-scale construction projects. Project will create part of the power wiring of the project. You and your project team to identify the electrical work too dangerous to let yourself so you do not hire an electrician to do the work of the project. This is a dangerous answer example?


Options are :

  • use
  • None
  • Shelter
  • Ease
  • Empathy

Answer : Empathy

What are the risks associated with management of the following conditions is equal to the estimated frequency of its imminent threat is how much?


Options are :

  • Exposure factor (EF)
  • Safety
  • Annual occurrence (ARO)
  • None
  • Single Loss Expectancy (SLE)

Answer : Annual occurrence (ARO)

Walter is a large construction project manager. He's supply projects work with several. Several components of the seller will provide materials and projects. In some projects work is very dangerous, so the safety requirements for all suppliers and project teams Walter has been carried out. The project stakeholders adds new requirements, has led to new risks of the project. Suppliers have identified new risks, which may affect the project, if it comes to fruition. Walter and seller agree to update the risk register, risk response and the establishment of measures to reduce risk. What Walter will also update in this case take into account the events of the risks?


Options are :

  • None
  • Project communication plan
  • Project Management Plan
  • Project Scope
  • The project contract with the seller

Answer : Project Management Plan


You are the company's behavior and project managers NNQ project, you have a risk contingency plans for the project team to define the project. Maria, a member of the project team, what contingency plans required Yes. Contingency plans Which of the following best describes what is the answer?


Options are :

  • None
  • Only when a specific event occurs some reactions are designed for use.
  • Quantitative risk should always be unpredictable answers.
  • Some contributions are cost and time factor to consider each risk event
  • Some contributions are in order to prevent the risk of pending events.

Answer : Only when a specific event occurs some reactions are designed for use.

Stage 4 DITSCAP C & A is called postal recognized. This phase will start after the system has been recognized Step 3. What is the process operating at this point? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • Change Management
  • business
  • Maintenance SSAA
  • Safety Action
  • Compliance verification
  • Continue to review and refine the SSAA

Answer : Change Management business Maintenance SSAA Safety Action Compliance verification

Security management is the protection of information assets security check process determined. The first data security is operation management program in place, the safety procedures. What are the goals of the security plan is? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • Safety Training
  • entry
  • Classification System
  • Security organizations

Answer : Safety Training entry Security organizations


Rob is a project manager project IDLK his company. The project has set aside the $ 200 million 5.6 and is expected to last 18 months. Rob learned that the new law may affect the way the project can proceed - even though the organization has invested more than $750,000 in the project. What is the most appropriate answer in this case, what is the risk?


Options are :

  • Ease
  • improve
  • None
  • Empathy
  • use

Answer : use

What needs to practice the following safety information assurance (IA) defined?


Options are :

  • Five pillar model
  • Classic security model
  • Communications management plan
  • Parkerian hexad
  • None

Answer : Classic security model

High-profile, high-priority project organization in creating. Management wants you to pay particular attention to the risks of the project, and do everything you can to ensure that all risks are identified early in the project. Management must ensure that the project is a success. Associated with this project management of risk aversion, what are the conditions?


Options are :

  • Useful Features
  • Risk mitigation measures
  • Quantitative risk analysis
  • None
  • There is a risk of conscience

Answer : Useful Features


Which of the following statements correctly describes DIACAP residual risk?


Options are :

  • None
  • This is a process in which the security authorization.
  • It is a safe design of technology implementation.
  • This is a residual risk after risk mitigation information system has occurred.
  • It is used to strengthen the information system

Answer : This is a residual risk after risk mitigation information system has occurred.
